<?php
/**
 * Created by PhpStorm.
 * User: dehong
 * Date: 2016/9/2
 * Time: 23:17
 */
// Page bootstrap: start the session, define the include-guard and page-id constants,
// load the shared bootstrap file, and turn away visitors without a username cookie.
session_start();
// Define a constant that is used to gain access to the files under includes/
define('IN_TG',true);
// Identifies the content of this page
define('SCRIPT','article_modify');
// Pull in the shared bootstrap file
require dirname(__FILE__).'/includes/common.inc.php'; // converted to an absolute path, which is faster
// Posting requires a logged-in user
// NOTE(review): "logged in" here only means a username cookie is present, and cookies are
// client-controlled; every state-changing path must re-verify identity server-side.
// NOTE(review): presumably _location() redirects and stops the script — confirm
if(!isset($_COOKIE['username'])){
    _location('发帖前，必须登录','login.php');
}
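// Handle a submitted edit (the form posts to ?action=modify).
// The ownership rule is enforced inside the UPDATE itself: the permission check
// further down this script only runs when the edit form is displayed, so without it
// any logged-in user could overwrite any post by submitting its id.
if(isset($_GET['action']) && $_GET['action'] === 'modify'){
    // Compare the submitted CAPTCHA with the value stored in the session
    // NOTE(review): presumably _check_code() aborts the request on a mismatch — confirm
    _check_code($_POST['code'],$_SESSION['code']);

    // The username cookie is client-controlled, so it is bound as a parameter
    // instead of being interpolated into the SQL text.
    // NOTE(review): assumes $GLOBALS['dbh'] is the PDO handle opened by common.inc.php — confirm
    $_rows = false;
    if(is_string($_COOKIE['username'])){
        $_user_stmt = $GLOBALS['dbh']->prepare("SELECT tg_uniqid FROM tg_user WHERE tg_username=:username LIMIT 1");
        if($_user_stmt && $_user_stmt->execute(array(':username'=>$_COOKIE['username']))){
            $_rows = $_user_stmt->fetch(PDO::FETCH_ASSOC);
        }
    }

    if($_rows) {
        // Guard against a forged cookie: the uniqid cookie must match the stored identifier
        _uniqid($_rows['tg_uniqid'], $_COOKIE['uniqid']);

        // Begin the modification
        include ROOT_PATH.'includes/check.func.php';
        // Collect the submitted post fields
        $_clean = array();
        $_clean['type'] = $_POST['type'];
        $_clean['title'] = _check_post_title($_POST['title'],2,40);
        $_clean['content'] = _check_post_content($_POST['content'],10);
        // NOTE(review): these values are bound as parameters below; if _mysql_string()
        // adds escape characters they will be stored literally — confirm it is still needed.
        $_clean = _mysql_string($_clean);
        // The post id is bound as a parameter as well, so it needs no string escaping;
        // a missing or non-string id becomes '' and simply matches no row.
        $_clean['id'] = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';

        // Build the SQL
        $sql = "UPDATE
                       tg_article
                   SET
                       tg_type=:type,tg_title=:title,tg_content=:content,tg_last_modify_date=:modify_date
                 WHERE
                       tg_id=:id";
        $data = array(
            ':type'=>$_clean['type'],
            ':title'=>$_clean['title'],
            ':content'=>$_clean['content'],
            ':modify_date'=>time(),
            ':id'=>$_clean['id'],
        );
        // Same rule the edit form applies: only an admin session may touch another
        // user's post. For everyone else the row must belong to the verified username.
        if(!isset($_SESSION['admin'])){
            $sql .= " AND tg_username=:owner";
            $data[':owner'] = $_COOKIE['username'];
        }
        $stmt = $GLOBALS['dbh']->prepare($sql); // prepare the statement
        $stmt->execute($data) or die('执行错误！'); // execute with the bound parameters
        if($stmt->rowCount() == 1){
            // Redirect to the post that was edited. lastInsertId() does not identify the
            // row touched by an UPDATE, so the submitted id is used (URL-encoded).
            $GLOBALS['dbh'] = null;
            _location('帖子修改成功！','article.php?id='.rawurlencode($_clean['id']));
        } else {
            // No row changed: unknown id, or the post is not owned by this user
            $GLOBALS['dbh'] = null;
            _alert_back('帖子修改失败！');
        }
    }else{
        _alert_back('非法登录!');
    }
}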
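// Load the post to be edited and check that the visitor is allowed to edit it.
if(isset($_GET['id'])){
    // The id comes straight from the query string, so it is bound as a parameter
    // instead of being interpolated into the SQL text.
    // NOTE(review): assumes $GLOBALS['dbh'] is the PDO handle opened by common.inc.php — confirm
    $_rows = false;
    if(is_string($_GET['id'])){
        $_post_stmt = $GLOBALS['dbh']->prepare("SELECT
                               tg_username,tg_title,tg_content,tg_type
                           FROM
                               tg_article
                          WHERE
                               tg_reid=0
                            AND
                               tg_id=:id");
        if($_post_stmt && $_post_stmt->execute(array(':id'=>$_GET['id']))){
            $_rows = $_post_stmt->fetch(PDO::FETCH_ASSOC);
        }
    }
    if($_rows) {
        // The post exists
        $_html = array();
        $_html['id'] = $_GET['id'];
        $_html['username'] = $_rows['tg_username'];
        $_html['title'] = $_rows['tg_title'];
        $_html['type'] = $_rows['tg_type'];
        $_html['content'] = $_rows['tg_content'];
        // NOTE(review): presumably _html() HTML-escapes each value for the template below — confirm
        $_html = _html($_html);

        // Permission check: only the author or an admin session may edit.
        // Strict comparison, so numeric-looking usernames such as '1e3' and '1000'
        // are not treated as the same account.
        if (!isset($_SESSION['admin']) && $_COOKIE['username'] !== $_html['username']) {
            _alert_back('你没有权限修改！');
        }
    } else {
        _alert_back('不存在此帖子！');
    }
} else {
    _alert_back('非法操作!');
}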

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <?php require ROOT_PATH.'includes/title.inc.php'; ?>
    <script type="text/javascript" src="js/code.js"></script>
    <script type="text/javascript" src="js/post.js"></script>
</head>
<body>
<?php require ROOT_PATH."includes/header.inc.php"; ?>
<div id="post">
    <h2>修改帖子</h2>
    <form action="?action=modify" name="post" method="post">
        <input type="hidden" value="<?php echo $_html['id']?>" name="id" />
        <dl>
            <dt>请认真修改以下内容</dt>
            <dd>
                类&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;型：
                <?php
                // Render one radio button per post type (1-16), pre-selecting the post's
                // current type, and break the row after the eighth icon.
                foreach(range(1,16) as $_num){
                    echo '<label for="type'.$_num.'"><input type="radio" id="type'.$_num.'" name="type" value="'.$_num.'"'
                        .($_num == $_html['type'] ? ' checked="checked"' : '')
                        .' />&nbsp;'
                        .'&nbsp;<img src="images/1/icon'.$_num.'.gif" alt="类型" /></label>&nbsp;';
                    if ($_num != 8) {
                        continue;
                    }
                    // Second row is indented to line up under the first
                    echo '<br />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
                }
                ?>
            </dd>
            <dd>标　　题：<input type="text" name="title" value="<?php echo $_html['title']?>" class="text" /> (*必填，2-40位)</dd>
            <dd id="q">贴　　图：　<a href="javascript:;">Q图系列[1]</a>　 <a href="javascript:;">Q图系列[2]</a>　 <a href="javascript:;">Q图系列[3]</a></dd>
            <dd>
                <?php include ROOT_PATH.'includes/ubb.inc.php'?>
                <textarea name="content" rows="9"><?php echo $_html['content']?></textarea>
            </dd>
            <dd>验 证 码：<input type="text" name="code" class="text yzm"  /> <img src="code.php" id="code" /> <input type="submit" class="submit" value="修改帖子" /></dd>
        </dl>
    </form>
</div>
<?php require ROOT_PATH."includes/footer.inc.php"; ?>
</body>
</html>
